During a vulnerability scan a penetration tester enters the following Nmap command against all of the non-Windows clients:
nmap -sX -T4 -p 21-25, 67, 80, 139, 8080 192.168.11.191
The penetration tester reviews the packet capture in Wireshark and notices that the target responds with an RST packet flag set for all of the targeted ports. Which of the following does this information most likely indicate?
A potential reason for communicating with the client point of contact during a penetration test is to provide resolution if a testing component crashes a system or service and leaves them unavailable for both legitimate users and further testing. Which of the following best describes this concept?
Which of the following best explains why a penetration tester would use ProxyChains during an assessment?
A penetration tester is performing an assessment for an organization and must gather valid user credentials. Which of the following attacks would be best for the tester to use to achieve this objective?
A penetration tester runs an Nmap scan and obtains the following output:
Starting Nmap 7.80 ( https://nmap.org ) at 2023-02-12 18:53 GMT
Nmap scan report for 10.22.2.2
Host is up (0.0011s latency).
PORTSTATE SERVICEVERSION
135/tcpopen msrpcMicrosoft Windows RPC
139/tcpopen netbios-ssnMicrosoft Windows netbios-ssn
445/tcpopen microsoft-dsMicrosoft Windows Server 2019
1433/tcpopen ms-sql-sMicrosoft SQL Server 2019
3389/tcpopen ms-wbt-serverMicrosoft Terminal Services
8080/tcpopen httpMicrosoft IIS 9.0
Which of the following commands should the penetration tester try next to explore this server?
A penetration tester is preparing to perform activities for a client that requires minimal disruption to company operations. Which of the following are considered passive reconnaissance tools? (Choose two.)
For an engagement, a penetration tester is required to use only local operating system tools for file transfer. Which of the following options should the penetration tester consider?
During a client engagement, a penetration tester runs the following Nmap command and obtains the following output:
nmap -sV -- script ssl-enum-ciphers -p 443 remotehost
| TLS_ECDHE_ECDSA_WITH_RC4_128_SHA
| TLS_ECDHE_RSA_WITH_RC4_128_SHA
| TLS_RSA_WITH_RC4_128_SHA (rsa 2048)
TLS_RSA_WITH_RC4_128_MD5 (rsa 2048)
Which of the following should the penetration tester include in the report?
During an assessment, a penetration tester obtains a list of password digests using Responder. Which of the following tools would the penetration tester most likely use next?
During the execution of a cloud penetration test, a tester was able to gain an initial footprint on the customer cloud infrastructure. Now the tester wants to scan the cloud resources, possible misconfigurations, and other relevant data that could be exploited. Which of the following tools should the tester most likely use?